Rohith Gudavalli, Threat analyst

Hcl Technologies

Location
India - Hyderabad
Education
Master, Computer Sciences and Electronics streaming
Experience
6 years, 1 month



Work experience

Total years of experience: 6 years, 1 month

Threat analyst at Hcl Technologies
  • India - Hyderabad
  • November 2019 to May 2022

• Monitoring, analysing and managing the real-time events for the security devices using a SIEM tool.
• Perform detailed analysis of phishing mails and submit the analysis to the Cyber Defense Team for further action.
• Validating phishing mail by examining the mail headers, URL, IP reputations and attachments, and identifying their impact.
• Analysing attachments and URLs by dynamic method using Cisco Threat Grid.
• Monitoring, troubleshooting, and triaging of incidents related to attacks like DDoS, ransomware, and credential validation attack & MITRE ATT&CK.
• Analyze the application that triggered a Symantec, MDATP or CS endpoint protection alert using the application information, its hash and logs to whitelist the application from the firm.
• Experience in Incident Response management with Red team.
• Responsible for proactive threat analysis and activities across the network, leveraging intelligence from multiple internal and external sources.
• Conduct threat hunt operations using known adversary as well as Indicators of Attack (IOA) in order to detect adversaries with persistent access to the enterprise.
• Actively check for industry- and region-specific IOCs and threat actors.
• Conduct technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
• Good exposure in Incident Management and Project Management.
• Practical insights into creation of Rules, Dashboards, Reports & Custom Properties.
• Involved with customers on weekly calls to understand their requirements and act accordingly to provide them better service.

IT Security Analyst at Optum Global Solutions
  • India
  • May 2018 to August 2019

• Working in a SOC (Security Operations Centre) with multiple clients on real-time threat management using SIEM.
• Involved in 24*7 security event monitoring analysis, triage, incident alerting and reporting for multiple clients using SIEM.
• Identification, investigation and escalation of security threats to client-side security team.
• Performs real-time log monitoring, security incident handling, investigation, and escalation of security incidents with recommendations to mitigate the threat.
• Practical insights into creation of Rules, Dashboards, Reports & Custom Properties.
• Introduced Shift Handover report for better communication between each shift.
Associate Analyst,

Associate Security Analyst at Tech Mahindra
  • India - Hyderabad
  • February 2016 to March 2018

Conduct threat hunt operations using known adversary as well as Indicators of Attack (IOA) in order to detect adversaries with persistent access to the enterprise.
Actively check for Industry and Region-specific IOCs and Threat actors.
Conducts technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents
Good Exposure in Incident Management
Practical Insights to creation of Rules, Dashboards, Reports & Custom Properties.
Involved with customer on weekly calls to understand their requirements and act accordingly to provide them better service.

Education

Master, Computer Sciences and Electronics streaming
  • at XIBM
  • March 2018

Network Systems

Master, Network Systems
  • at XIBM
  • January 2018


Specialties & Skills

Microsoft CRM
SIEM Qradar
Cyber Security
EDR Tools
Log Analytics
ANALYSIS
MICROSOFT ACCESS
NETSCAPE ENTERPRISE SERVER
NETWORKING
Microsoft Defender for Cloud
Azure Sentinel

Languages

English
Expert
Hindi
Expert

Training and Certifications

SPLUNK (Certificate)
Training date:
August 2020

Hobbies

  • Cloud Security, SIEM, Azure Security